USDA Identity, Credential and Access Management




USDA Identity, Credential and Access Management
What We're Doing; Where We're Going
May 2010
Simplifying Business Delivery
Improving Our Security Posture
Enabling Trust & Privacy
Reducing Costs & Increasing Efficiency

United States Department of Agriculture: The People's Department
  7 Mission Areas
  29 Offices and Agencies
  125,000+ Employees & Contractors

Scope: Seven Mission Areas
  Farm and Foreign Agricultural Services
  Food, Nutrition and Consumer Services
  Food Safety
  Marketing and Regulatory Programs
  Natural Resources and Environment
  Research, Education and Economics
  Rural Development

Challenges
Information Technology:
  Aging infrastructure
  Fragmented services
  Highly decentralized security operations
Information Sources:
  Multiple, standalone
  Duplicative
  Incompatible

Environment
Foundational elements:
  Agriculture Security Operations Center (ASOC)
  Enterprise Data Centers
  Communication, collaboration, productivity
  Mission systems

Historical Identity, Credential & Access Management
User Identity: Joe Bloggs; J Blogg; Joseph Bloggs
Credential: Joe.Bloggs Password1!; 123456; JosephB Secret2#
Access Rights: System Admin; Basic User; App Admin
Applications: Domain Account; AgLearn; Time & Attendance

Identity, Credential & Access Management with a PIV Card and an ICAM Solution
[PIV card image. Card text: United States Government; Affiliation: Contractor; Agency/Department: Department of Agriculture; Expires: 2012OCT22]
User Identity: Joseph Bloggs; 654321; 123-54-6789; Active
Credential: Bloggs, Joseph; OCT2012; USDA G; PIN=123456
Access Rights: Employee; System Admin; Supervisor
Applications: Domain Account; AgLearn; Time & Attendance

Taking Ownership of FICAM's Work

Defining Ownership: Review All Processes and Make Them Lean

Defining Ownership: Implement the Technical Architecture
[Architecture diagram; labels as extracted: Supplemental Two-Factor HSPD-DM epacs OCIO ITS AD WCTS AD AgLearn Course Status FSA Application? NFC? NITC? HR Systems Person Model EIDS Enterprise Financial Application? 44 Active Directories? RISO Pilot Readiness Rollout FSA Application FS Adam eauthdb XeGov AD AgLearn]

Defining Ownership: Improve the Access Control Processes
Applications: Enterprise applications; Agency applications; ...
Systems: Mainframes; Servers; Workstations; Blackberry devices; ...
Facilities: Buildings; Rooms; Quarantine Areas; ...
Diagram labels: Role Management; Entitlement Provisioning; Access Management; Access Enforcement; Authorization; Authentication; Access Administration
Compliance, Auditing and Reporting

Meticulous Attention: Getting to the Finish Line
Moving to Effective & Efficient Ways of Doing Business
User: Joe; Carl; Joe; Alice; Tom; Betty
HR System
Enterprise Entitlement Management System
Organization Position/Role: USDA Emp; FSA Emp; County Director; FSA Supervisor
Application Roles (Examples): AgLearn User; AD User; PACS User; WebTA User; EmpowHR Emp; DCP Approver; CRP Approver; AgLearn S'visor; WebTA S'visor; EmPowHR S'visor
Application Function (Examples):
  AgLearn: Create LP; Approve LP; Take Courses
  AD: Domain Acct
  epacs: Access to xyz
  WebTA: Create T&A; Create Leave; Approve T&A; Approve Leave
  EmPowHR: Create PD; Approve PD
  DCP: Approve App
  CRP: Approve App
One More Thought:
  If Joe changes position, what happens?
  If Joe retires, what happens?

Questions?